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- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
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2a)lE Tiiis action is FINAL. 2b)n This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under £x parte Quay/e, 1935 CD. 11, 453 O.G. 213. 
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4) K Claim(s) 1-12 is/are pending in the application. 
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6) IE Claim(s) 7il2 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) n The drawing(s) filed on is/are: aO accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action orfomn PTO-152. 
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application from the International Bureau (PCT Rule 17.2(a)). 
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DETAILED ACTION 

Claim Rejections - 35 USC §102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

2. Claims 1-3, 5-12 are rejected under 35 U.S.C. 102(e) as being unpatentable by Terrell et 
al (U.S. 2002/0188720). 

As per claims 1 Terrell disclosed a network access control method for a network system 
comprising: network apparatuses having packet filtering functions; a service server connected 
with an IP network via the network: apparatus, providing a service to a user; a user terminal 
connected with the IP network via the network apparatus, for the user to utilize there through the 
service provided by said service server; a reception server connected with the IP network via the 
network apparatus (Page. 2, Paragraph. 0024), receiving an access from the user for said service 
server; and 20 an access control server controlling the network apparatus, said method 
comprising the steps of a) said reception server receiving access request information from said 
user terminal, and holding it; and b) said access controlling server performing traffic control such 
as to extract, based on a processing capability of said service server and a traffic amount for said 
service server (Page. 2, Paragraph. 0023), such an amount of the access request information held 
by said reception server as that which said service server can optimally deal with, so as to allow 
the access for said service server (Page. 2, Paragraph. 0025). 
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3. As per claim 3 Terrell disclosed a reception server comprising: an access list holding 
access request information from a user terminal; a user profile holding user information 
including a user class for each user; an access receiving part receiving an access from the user 
terminal (Page. 3, Paragraph. 0026); an access registering part registering access request 
information received via said access receiving part into said access list in order of the reception a 
user class extracting part extracting an IP address from the received access request information, 
and identifying the user by using the extracted IP address so as to extract the user class from said 
user profile (Page. 5, Paragraph. 0045); and a by-user-class registering part registering the access 
request information received via said access receiving part into said access list based on the user 
class extracted through said user class extracting part (page. 5, Paragraph. 0049). 

4. As per claim 5 Terrell disclosed fiirther comprising: an access confirming part 
determining whether or not the access request is to be registered in said access list, when waiting 
is needed, after receiving the access request from the user terminal; and a waiting confirmation 
inquiring part inquiring to the user for said access confirming part to make the determination 
(Page. 4, Paragraph 0036). 

5. As per claim 6 Terrell disclosed an access control server comprising: a access 
information database holding information concerning a processing capability of a service server 
and a maximum permissible access number calculated based on the processing capability of the 
service server (Page. 3, Paragraph 0026); a traffic control part controlling a network apparatus; a 
static permissible access number calculating part calculating the maximum permissible access 
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number based on the information concerning the processing capability of the service server; and 
a filtering optimizing part reading such an amount of access request information from an access 
list holding the access request information from user terminals in a reception server (Page. 4, 
Paragraph 0034), from the top, as that for the maximum permissible access number, producing 
packet filtering setting information for the users making access requests to be able to access to 
the service server, and setting the produced information in the network apparatus via said traffic 
control part (Page. 5, Paragraph 0044). 

6. As per claim 7 Terrell disclosed further comprising: a load and traffic monitoring part 
monitoring a load condition of the service server and a traffic condition of a network apparatus 
holding the service server; and a dynamic permissible access number calculating part- 
periodically performing communication with said load and traffic monitoring part so as to extract 
therefrom information of the load condition and traffic condition (Page. 4, Paragraph 0037), and 
calculate the maximum permissible access number therefrom, and, also, registering the 
calculated maximum permissible access number in the access information database (Page. 
Paragraph. 0048). 

7. As per claim 8 Terrell disclosed further comprising: a control information database 
holding control information which is used as a guideline for reading the access request 
information from the access list; and a by-user-class access request reading part reading the 
access request information from the access list for each user class based on the control 
information extracted from said control information database (Page. 5, Paragraph. 0049), when 
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the filtering optimizing part reads such an amount of the access request information from the 
access list as that for the maximum permissible access number, in a case where the access 
request information is registered in the access list by user class (Page. Paragraph. 0048). 

8. As per claim 9 Terrell disclosed fiirther comprising: an effective timer setting part setting 
an effective timer for the access request information when the packet filtering setting information 
is produced; and a filtering canceling part canceling the packet filtering control set in the 
network apparatus, when the effective timer has expired (Page. 5, Paragraph 0046), 

9. As per claim 10 Terrell disclosed a service server connected with an IP network via a 
network apparatus and providing a service to a user, comprising: a session finish determining 
part determining that a session performed with a user terminal has finished; and a session finish 
reporting part reporting to an access control server that the session performed with the user 
terminal has finished (Page. 5, Paragraph. 0045). 

10. As per claim 1 1 Terrell disclosed further comprising a user authenticating part 
determining, based on the user class extracted through the user class extracting part, whether or 
not the received access request is given from an un allowed user, and, reporting, when the access 
request is given from the un allowed user, this matter to the access control server (Page. 5, 
Paragraph 0045). 
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11. As per claim 12 Terrell disclosed further comprising an access un allowance filtering 
setting part producing, based on a report from the user authenticating part of the reception server 
claimed in claim 1 1, the packet filtering setting information of access un allowance for the 
service server, and setting the produced information in the network apparatus (Page. 5, Paragraph 
0045). 

Claim Rejections - 35 USC §103 

12. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

13. Claims 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Terrell et al (U.S. 
2002/0188720) and Brown et al (U.S. 5,941,947). 



As per claim 4 Terrell did not disclosed in detail further comprising: an estimated waiting time 
calculating part calculating an estimated waiting time, from the number of the users waiting, 
according to a position of said access list at which the access request received from the user 
terminal is registered; and an access information reporting part reporting the calculated estimated 
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waiting time to the user, and reporting to the user that the access can be performed after the 
estimated waiting time has elapsed. 

In the same field of endeavor Brown disclosed the access rights values of the access control 
matrix 300 are generally in the form of the privilege level masks, with each defined bit 
corresponding to a respective user privilege level. Fig 3B illustrates a preferred basic set of user 
privilege levels, and the bits of access rights values (col. 17, lines 5-11). Further, even if the 
access control matrix were divided and stored across multiple servers. The time required to 
search the access control matrix (to determine the rights of a user with respect to an object) 
would be long, and the user would therefore experience significant time delays when moving 
from object to object (col. 18, lines 51-56). 

It would have been obvious to one having ordinary skill in the art at the time of the invention 
was made to have incorporated the access rights values of the access control matrix 300 are 
generally in the form of the privilege level masks, with each defined bit corresponding to a 
respective user privilege level. Fig 3B illustrates a preferred basic set of user privilege levels, and 
the bits of access rights values. Further, even if the access control matrix were divided and stored 
across multiple servers. The time required to search the access control matrix (to determine the 
rights of a user with respect to an object) would be long, and the user would therefore experience 
significant time delays when moving fi-om object to object as taught by Brown in the method of 
Terrell to provide a technique that is suitable for flexibly controlling the access of a large number 
of users to a large number of data entities. A need also exists to be able to flexibly and efficiently 
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define new types of access operations as new on-line services and new content entities are 
created (col. 2, lines 12-16). 

Response to Arguments 

Applicant's arguments filed 04/22/2005 have been fully considered but they are not persuasive. 
Response to applicant's argument as follows. 

13, Applicant argued that prior art did not disclose, "An access control server that applies 
access control based on determining a processing capability and traffic amount associated with 
the requested service server". 

As to applicant's argument Terrell disclosed, "Communicatively coupled to a network core 
device via network device as shown. Those skilled in the art will appreciate, fi-om the description 
to follow, the network edge services and/or incorporating the teachings of the present invention 
dynamically provision the differentiated services offered by and through core devices on an as- 
needed, as-authorized basis thereby minimizing the resources required of the network edge 
device and the network support differentiated services. More specifically, network edge devices 
and/or, in conjunction with a bandwidth broker, dynamically create and remote filters that when 
triggered, initiate an admission controlling provision and access to the differentiated services of 
data network" (Page, 2, Paragraph. 0023). 
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14, Applicant argued that prior art did not disclose," Applicant's reception server that 
registers and holds an access request in an access registering part until extracted by an access 
control server upon confirming that the user request may be optimally filled by the service 
server". 

As to apphcant's argument Terrell disclosed, "If controller determines that the necessary profile 
is not installed, controller determines that the necessary profile is not installed, controller 
forwards the trigger notification received fi-om the filter to bandwidth broker looks up the 
received the trigger in the admissions policy database to identify an associated classifier profile. 
Once the appropriate classifier profile is identified it is sent to classifier via controller in an 
updated message" (Page. 5, Paragraph 0045). 

15. Applicant argued that prior did not disclose, "The filter information determined by 
reference to the process capability of a service server". 

As to apphcant's argument Terrell disclosed, "Once in place, filter issues a trigger message to 
controller when data packets are received satisfying the criteria of an installed filter" (Page. 4, 
Paragraph 0034). 
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Conclusion 

16. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

17. Any inquiry concerning this communication or earlier communication from the examiner 
should be directed to Adnan Mirza whose telephone number is (571)-272-3885. 

18. The examiner can normally be reached on Monday to Friday during normal business 
hours. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Valencia Martin Wallace can be reached on (571)-272-6159. The fax for this group is 
(703)-746-7239. 
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19. The fax phone numbers for the organization where this application or proceeding is 
assigned are as follows: 

(703)-746-7239 (For Status Inquiries, Informal or Draft Communications, please label 
"PROPOSED" or "DRAFT"); 

(703)-746-7239 (For Official Communications Intended for entry, please mark "EXPEDITED 
PROCEDURE"), 

(703)-746-7238 (For After Final Communications). 

20. Any Inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703)-305-3900. 

Any response to a final action should be mailed to: 



Commissioner of Patents and Trademarks Washington, D.C.20231 
Or faxed to: 

Hand-delivered responses should be brought to 4* Floor Receptionist, Crystal Park II, 
2021 Crystal Drive, Arlington, VA 22202. 
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